package com.datasure.demo.security;

import com.datasure.demo.utils.JwtUtil;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.annotation.Resource;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author xiaolong5.zhang
 * @date 2022/04/07 17:43
 **/
@Component
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {

    @Value("${jwt.header}")
    private String token_header;

    @Resource
    private JwtUtil jwtUtil;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
//        String auth_token = request.getHeader(this.token_header);
//        final String auth_token_start = "Bearer ";
//        if ((auth_token !=null && auth_token.length()>0) && auth_token.startsWith(auth_token_start)) {
//            auth_token = auth_token.substring(auth_token_start.length());
//        } else {
//            // 不按规范,不允许通过验证
//            auth_token = null;
//        }
//
//        String username = jwtUtil.getUsernameFromToken(auth_token);
//
//        logger.info(String.format("Checking authentication for user %s.", username));
//
//        if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
//            User user = jwtUtils.getUserFromToken(auth_token);
//            if (jwtUtils.validateToken(auth_token, user)) {
//                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
//                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
//                logger.info(String.format("Authenticated user %s, setting security context", username));
//                SecurityContextHolder.getContext().setAuthentication(authentication);
//            }
//        }
//        chain.doFilter(request, response);
    }
}
